import sys

import win32evtlog


def main():
    """Print selected system properties of the first events in an event log.

    Command-line arguments (both optional):
        argv[1]: path handed to ``EvtQuery``; defaults to ``'System'``.
        argv[2]: number of events requested from ``EvtNext``; defaults to 5.
            It is parsed with ``int()``, so a non-numeric value raises
            ``ValueError``.

    For every event returned, the level, creation timestamp, computer name
    and provider name are printed when the rendered value is not null. The
    formatted message is printed only when the provider's publisher metadata
    can be opened and the message can be resolved.

    NOTE(review): field values and message text are printed exactly as
    rendered; nothing here filters or escapes log content.
    """
    cli_args = sys.argv[1:]
    path = cli_args[0] if cli_args else 'System'
    num_events = int(cli_args[1]) if len(cli_args) > 1 else 5

    query = win32evtlog.EvtQuery(path, win32evtlog.EvtQueryForwardDirection)
    events = win32evtlog.EvtNext(query, num_events)
    render_context = win32evtlog.EvtCreateRenderContext(win32evtlog.EvtRenderContextSystem)

    # Output line for each numeric level this demo recognises.
    level_lines = {
        1: '    Level: CRITICAL',
        2: '    Level: ERROR',
        3: '    Level: WARNING',
        4: '    Level: INFO',
        5: '    Level: VERBOSE',
    }
    null_type = win32evtlog.EvtVarTypeNull

    for index, event in enumerate(events, 1):
        # Each rendered entry is a (value, variant type) pair indexed by the
        # EvtSystem* constants.
        values = win32evtlog.EvtRender(event, win32evtlog.EvtRenderEventValues, Context=render_context)

        print(('Event {}'.format(index)))

        level, level_type = values[win32evtlog.EvtSystemLevel]
        if level_type != null_type:
            print(level_lines.get(level, '    Level: UNKNOWN'))

        created, created_type = values[win32evtlog.EvtSystemTimeCreated]
        if created_type != null_type:
            print(('    Timestamp: {}'.format(created.isoformat())))

        computer, computer_type = values[win32evtlog.EvtSystemComputer]
        if computer_type != null_type:
            print(('    FQDN: {}'.format(computer)))

        provider, provider_type = values[win32evtlog.EvtSystemProviderName]
        if provider_type == null_type:
            continue
        print(('    Provider: {}'.format(provider)))

        # Message lookup is best effort: any failure is swallowed and the
        # event is simply shown without a Message line.
        try:
            metadata = win32evtlog.EvtOpenPublisherMetadata(provider)
        # pywintypes.error: (2, 'EvtOpenPublisherMetadata', 'The system cannot find the file specified.')
        except Exception:
            continue

        try:
            message = win32evtlog.EvtFormatMessage(metadata, event, win32evtlog.EvtFormatMessageEvent)
        # pywintypes.error: (15027, 'EvtFormatMessage: allocated 0, need buffer of size 0', 'The message resource is present but the message was not found in the message table.')
        except Exception:
            continue

        print(('    Message: {}'.format(message)))


# Run the demo only when this file is executed as a script, not on import.
if __name__ == "__main__":
    main()
